This is great! https://github.com/undergroundwires/privacy.sexy/tree/master... looks like the raw data (yaml) for all these commands, including commands for macOS. With that, it’s at least plausible to audit these commands.

I probably still won’t trust it on a critical system without a reputable audit though, I think I’d still prefer to either trust Microsoft or Apple or go run OpenBSD or Linux instead.